Edit DNS Server



dos2unix

What DNS software are you using?
What does your current config look like?
 

TKH

Hi dos2unix,


Linux dns 3.16.0-10-686-pae #1 SMP Debian 3.16.76-1 (2019-11-12) i686 GNU/Linux.

Using bind 9




//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

view "internal-only-sites" {
    match-clients {
        192.168.1.0/24;
        192.168.15.0/24;
    };
    zone "exampleweb.com" {
        type master;
        file "/etc/bind/zones/db.exampleweb.com.internal";
        notify yes;
        allow-transfer {
            192.168.1.202;
            192.168.1.203;
            192.168.15.203;
        };
    };
};

view "external-forced-sites" {
    match-clients {
        192.168.3.0/24;
        192.168.5.0/24;
        192.168.7.0/24;
        192.168.8.0/24;
        172.16.4.0/24;
        172.16.9.0/24;
    };
    zone "exampleweb.com" {
        type master;
        file "/etc/bind/zones/db.exampleweb.com.external";
        notify yes;
        allow-transfer {
            192.168.3.202;
            192.168.5.202;
            192.168.7.202;
            192.168.8.202;
            172.16.9.202;
            172.16.4.202;
        };
    };
};

view "all-sites" {
    match-clients { any; };
    // prime the server with knowledge of the root servers
    // be authoritative for the localhost forward and reverse zones, and for
    // broadcast zones as per RFC 1912
    server 192.168.15.203 {
    };
    server 192.168.1.202 {
    };
};

"named.conf.local" [readonly] 66L, 1333C
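
As an added illustration, not part of the thread or of TKH's configuration: a small Python model of how BIND picks a view for a client (the first view whose match-clients matches wins) and whether that client appears in that view's allow-transfer list. The networks and addresses are copied from the config posted above; the function names are hypothetical, and `any` is modelled as 0.0.0.0/0 (IPv4 only).

```python
import ipaddress

# (view name, match-clients, allow-transfer), in the order the views appear in
# the posted named.conf.local. "any" is modelled as 0.0.0.0/0 (assumption: IPv4 only).
VIEWS = [
    ("internal-only-sites",
     ["192.168.1.0/24", "192.168.15.0/24"],
     ["192.168.1.202", "192.168.1.203", "192.168.15.203"]),
    ("external-forced-sites",
     ["192.168.3.0/24", "192.168.5.0/24", "192.168.7.0/24",
      "192.168.8.0/24", "172.16.4.0/24", "172.16.9.0/24"],
     ["192.168.3.202", "192.168.5.202", "192.168.7.202",
      "192.168.8.202", "172.16.9.202", "172.16.4.202"]),
    ("all-sites", ["0.0.0.0/0"], []),  # catch-all view; it defines no zone to transfer
]

def _covers(entries, addr):
    """True if addr falls inside any address or network in entries."""
    ip = ipaddress.ip_address(addr)
    return any(ip in ipaddress.ip_network(e) for e in entries)

def select_view(client, views=VIEWS):
    """BIND answers from the first view whose match-clients matches the client."""
    for name, match_clients, _ in views:
        if _covers(match_clients, client):
            return name
    return None

def transfer_allowed(client, views=VIEWS):
    """Return (view, allowed): is client in allow-transfer of the view it lands in?"""
    view = select_view(client, views)
    for name, _, allow_transfer in views:
        if name == view:
            return view, _covers(allow_transfer, client)
    return view, False

def shadowed_views(views=VIEWS):
    """Views that can never be selected because earlier views cover all their clients."""
    seen, dead = [], []
    for name, match_clients, _ in views:
        nets = [ipaddress.ip_network(e) for e in match_clients]
        if all(any(n.subnet_of(s) for s in seen) for n in nets):
            dead.append(name)
        seen.extend(nets)
    return dead

if __name__ == "__main__":
    for ip in ("192.168.1.25", "192.168.15.203", "172.16.4.202", "10.0.0.5"):
        print(ip, transfer_allowed(ip))
    print("shadowed:", shadowed_views())
```

Passing a reordered list to `shadowed_views` shows why the catch-all view has to stay last: placed first, it would answer every client and the two split-horizon views would never be used.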
 

dos2unix

Let's start with your forward lookup zone file. Here is an example.

$ORIGIN exampleweb.com.
@       3600    SOA     ns1.p30.exampleweb.com. (
                        zone-admin.exampleweb.com. ; address of responsible party
                        2020021301 ; serial number
                        3600       ; refresh period
                        600        ; retry period
                        604800     ; expire time
                        1800 )     ; minimum ttl
        86400   NS      ns1.p30.exampleweb.com.
        86400   NS      ns2.p30.exampleweb.com.
        86400   NS      ns3.p30.exampleweb.com.
        86400   NS      ns4.p30.exampleweb.com.
        3600    MX      10 mail.example.com.
        3600    MX      20 vpn.example.com.
        3600    MX      30 mail.example.com.
        600     A       192.168.1.50
mail    14400   A       192.168.1.111
vpn     60      A       192.168.5.100
webapp  60      A       192.168.1.55
www     43200   CNAME   exampleweb.com.

The line that looks like this...
600 A 192.168.1.50

is where your domain gets its IP address.
So when you ping exampleweb.com... you are really pinging 192.168.1.50.
I don't know if 192.168.1.50 really exists, I just made it up as an example.

Down at the bottom of this file you see a line that looks like this...
www 43200 CNAME exampleweb.com.

CNAME is kind of an "alias". What this means is... when you are pinging
www you are really pinging exampleweb.com.

Notice this only works if you actually have a web server running on the exampleweb.com
server (192.168.1.50).

You'll also need a reverse zone lookup file. I'll add that when I have more time.
 